From 9129f129c512eb75e7a72910d6576611d69dfcd2 Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Wed, 22 Jul 2015 09:20:48 -0500
Subject: [PATCH] Get session requirements for user not logged - refs BT#9889
 #TMI

Conflicts:
	main/inc/ajax/sequence.ajax.php
	main/inc/lib/SecuenceResourceManager.php
---
 main/auth/courses.php                    |  4 ++--
 main/inc/ajax/sequence.ajax.php          | 22 +++++++++++++++++-----
 main/inc/lib/SecuenceResourceManager.php | 20 ++++++++++----------
 3 files changed, 29 insertions(+), 17 deletions(-)

diff --git a/main/auth/courses.php b/main/auth/courses.php
index b199d237743..492e3c88267 100755
--- a/main/auth/courses.php
+++ b/main/auth/courses.php
@@ -223,8 +223,8 @@
             if (count($sequences) > 0) {
                 $requirementsData = SequenceResourceManager::checkRequirementsForUser(
                     $sequences,
-                    api_get_user_id(),
-                    SequenceResource::SESSION_TYPE
+                    SequenceResource::SESSION_TYPE,
+                    api_get_user_id()
                 );
 
                 $continueWithSubscription = SequenceResourceManager::checkSequenceAreCompleted($requirementsData);
diff --git a/main/inc/ajax/sequence.ajax.php b/main/inc/ajax/sequence.ajax.php
index c646ff3d571..3b97023801e 100644
--- a/main/inc/ajax/sequence.ajax.php
+++ b/main/inc/ajax/sequence.ajax.php
@@ -13,9 +13,6 @@
 
 require_once '../global.inc.php';
 
-api_block_anonymous_users();
-api_protect_admin_script();
-
 $action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
 $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
 $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
@@ -25,6 +22,9 @@
 $repository = $em->getRepository('ChamiloCoreBundle:SequenceResource');
 switch ($action) {
     case 'graph':
+        api_block_anonymous_users();
+        api_protect_admin_script();
+
         switch ($type) {
             case 'session':
                 $type = SequenceResource::SESSION_TYPE;
@@ -46,6 +46,9 @@
         }
         break;
     case 'get_icon':
+        api_block_anonymous_users();
+        api_protect_admin_script();
+
         $link = '';
         switch ($type) {
             case 'session':
@@ -94,6 +97,9 @@
         echo $link;
         break;
     case 'delete_vertex':
+        api_block_anonymous_users();
+        api_protect_admin_script();
+
         $vertexId = isset($_REQUEST['vertex_id']) ? $_REQUEST['vertex_id'] : null;
         $type = SequenceResource::SESSION_TYPE;
 
@@ -137,6 +143,9 @@
         }
         break;
     case 'load_resource':
+        api_block_anonymous_users();
+        api_protect_admin_script();
+
         // children or parent
         $loadResourceType = isset($_REQUEST['load_resource_type']) ? $_REQUEST['load_resource_type'] : null;
         $sequenceId = isset($_REQUEST['sequence_id']) ? $_REQUEST['sequence_id'] : 0;
@@ -192,6 +201,9 @@
         }
         break;
     case 'save_resource':
+        api_block_anonymous_users();
+        api_protect_admin_script();
+
         $parents = isset($_REQUEST['parents']) ? $_REQUEST['parents'] : '';
         $sequenceId = isset($_REQUEST['sequence_id']) ? $_REQUEST['sequence_id'] : 0;
         $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
@@ -299,8 +311,8 @@
                     break;
                 }
 
-                $sequenceList = SequenceResourceManager::checkRequirementsForUser($sequences, $userId, $type);
-                $allowSubscription = SequenceResourceManager::checkSequenceAreCompleted($sequenceList);
+                $sequenceList = SecuenceResourceManager::checkRequirementsForUser($sequences, $type, $userId);
+                $allowSubscription = SecuenceResourceManager::checkSequenceAreCompleted($sequenceList);
 
                 $courseController = new CoursesController();
 
diff --git a/main/inc/lib/SecuenceResourceManager.php b/main/inc/lib/SecuenceResourceManager.php
index 653259f6167..4039e444a89 100644
--- a/main/inc/lib/SecuenceResourceManager.php
+++ b/main/inc/lib/SecuenceResourceManager.php
@@ -14,12 +14,11 @@ class SequenceResourceManager
     /**
      * Check if the ser has completed the requirements for the sequences
      * @param array $sequences The sequences
-     * @param int $userId The user ID
      * @param int $type The type of sequence resource
-     *
+     * @param int $userId Optional. The user ID
      * @return array
      */
-    public static function checkRequirementsForUser(array $sequences, $userId, $type)
+    public static function checkRequirementsForUser(array $sequences, $type, $userId = 0)
     {
         $sequenceList = [];
 
@@ -35,11 +34,10 @@ public static function checkRequirementsForUser(array $sequences, $userId, $type
     /**
      * Check if the ser has completed the requirements for the session sequences
      * @param array $sequences The sequences
-     * @param int $userId The user ID
-     *
+     * @param int $userId Optional. The user ID
      * @return array
      */
-    private static function checkSessionRequirementsForUser(array $sequences, $userId)
+    private static function checkSessionRequirementsForUser(array $sequences, $userId = 0)
     {
         $sequenceList = [];
 
@@ -77,10 +75,12 @@ private static function checkSessionRequirementsForUser(array $sequences, $userI
                             $gradebook
                         );
 
-                        $itemSession['status'] = $itemSession['status'] && Category::userFinishedCourse(
-                            $userId,
-                            $category
-                        );
+                        if (!empty($userId)) {
+                            $itemSession['status'] = $itemSession['status'] && Category::userFinishedCourse(
+                                $userId,
+                                $category
+                            );
+                        }
                     }
                 }